package com.peycard.servlet;

import java.io.IOException;
import java.text.ParseException;

import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.peycard.service.LoginService;
import com.peycard.util.Utils;

/**
 * Servlet implementation class PreguntaSecreta
 */
public class PreguntaSecreta extends HttpServlet {
	private static final long serialVersionUID = 1L;

	/**
	 * Método que verifica si la respuesta a la pregunta secreta proporcionada
	 * concuerda con la que se encuentra guardada en la base de datos. Procesa
	 * la petición para los métodos HTTP <code>GET</code> y <code>POST</code>
	 * 
	 * @param request
	 * @param response
	 * @throws ServletException
	 * @throws IOException
	 */
	protected void securityQuestion(HttpServletRequest request,
			HttpServletResponse response) throws ServletException, IOException {
		response.setContentType("text/html;charset=UTF-8");

		HttpSession session = request.getSession(true);
		String rightAnswer = Utils.encryptPassword((String) session
				.getAttribute("requestAnswer"));
		String currentAnswer = Utils.encryptPassword(request
				.getParameter("current_answer"));
		if (rightAnswer.equals(currentAnswer)) {
			String requestAudit = String.valueOf(session
					.getAttribute("requestAudit"));
			String idUser = (String) session.getAttribute("requestId");
			try {
				LoginService service = new LoginService();
				clearSession(session);
				if (service.validateRestorePassword(idUser, requestAudit)) {
					RequestDispatcher requestDispatchet = request
							.getRequestDispatcher("/index.jsp");
					requestDispatchet.forward(request, response);
				} else {
					request.setAttribute("error_message", "Intente de nuevo");
					RequestDispatcher requestDispatchet = request
							.getRequestDispatcher("/preguntaSecreta.jsp");
					requestDispatchet.forward(request, response);
				}
			} catch (ParseException e) {
				String exceptionMsg = "Ocurrió un error al parsear la petición";
				request.setAttribute("message", exceptionMsg);
			}
		} else {
			request.setAttribute("error_message",
					"Las contraseñas no coinciden");
			RequestDispatcher requestDispatchet = request
					.getRequestDispatcher("/preguntaSecreta.jsp");
			requestDispatchet.forward(request, response);
		}

	}

	/**
	 * @see HttpServlet#HttpServlet()
	 */
	public PreguntaSecreta() {
		super();
	}

	private void clearSession(HttpSession session) {
		session.setAttribute("requestAudit", null);
		session.setAttribute("requestAnswer", null);
		session.setAttribute("requestQuestion", null);
		session.setAttribute("requestId", null);
	}

	/**
	 * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
	 *      response)
	 */
	protected void doGet(HttpServletRequest request,
			HttpServletResponse response) throws ServletException, IOException {
	}

	/**
	 * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
	 *      response)
	 */
	protected void doPost(HttpServletRequest request,
			HttpServletResponse response) throws ServletException, IOException {
		securityQuestion(request, response);
	}

}
